Those are just standards checks on whether the email "appears" to be from a legit site.
In order to see whether you rbls work you can look at your mail.log and see if any of the lists rbls will appear in there.

Those are just standards checks on whether the email "appears" to be from a legit site.
In order to see whether you rbls work you can look at your mail.log and see if any of the lists rbls will appear in there.

Click to expand...

Thanks,

I did already looked at the mail logs.
and making :
prompt:/ less mail.log | grep blackhole.securitysage.com ... and the others rbnl's

Sorry once again.
The RBL's are working!
Just found several:
bl.spamcop.net blocks for certain ip's!
Funny but on 170MB of log no other RBL is invoked
Is it necessary any type of registration for the others ?
They seem free in a first glimpse. ...

Those are just standards checks on whether the email "appears" to be from a legit site.
In order to see whether you rbls work you can look at your mail.log and see if any of the lists rbls will appear in there.

Click to expand...

Your line are allready in your first post. The forced identification of hostname, sender and recipient, (fqdn).

Even like this the problem maintains.
In the mail logs I see a lot of emails sent!
That means postfix is still making relay for some of those emails!
In my server this at this current rate it will be 1,5GB in the end of the month!

The deferred queue was made of a lot of emails that obviously had to enter when the server was not configured correctly.
I did not noticed this in the beggining and postfix kept trying to send those spams ..
It was a lot of email ... something like +/-23000 emails!

My problem is that this server might go into a blacl list!

Anyway I overloaded

smtpd_sender_restrictions
smtpd_client_restrictions

smtpd_data_restrictions

and has you suggested the most important :
smtpd_recipient_restrictions

in /etc/postfix/main.cf. SuSE likes to add other networks to that variable (you can check with

Code:

postconf -d

) so these other networks would be allowed to send through your server without authentication.

Click to expand...

You are right.
The problem was the default config.
At least in SuSE 10.1 64bit by default mynetwork_style = subnet.
(i thought it was server and localhost by default!! )
And worst, they add (I do not know how) your IP subnet xxx.xxx.xxx.xxx/24 !
But it was really _really_ a coincidence as the server with IP next to mine is a (micros***t) spam server! Always trying to search for relay email.
What a luck.
Had it been an ip in another class C and I guess I would have been safe .

No problem
Now everything is ok and my IP is not listed in no spam list anymore (I actually detected the thing very fast, it was only open for some hours).
When I detected the problem with a trivial ps ax I imediately stoped ... postfix and fixed it

sorry for the bump, but those lines gave me a hickup. What do the mentioned files contain? I don't have them by default, so I think they have to be created by myself. (I admit I'm too lazy now to look up those paramters in the postfix docs in the first place )